Home
Laptops
Laptops News
Microsoft Word Affected by Critical Office Zero Day Vulnerability, Reports McAfee

Microsoft Word Affected by Critical Office Zero-Day Vulnerability, Reports McAfee

By Ketan Pratap | Updated: 12 April 2017 19:02 IST

Highlights

New exploit works on all Microsoft Office versions
Microsoft to release fix soon
McAfee recommends enabling Office Protected View

Security software company McAfee has discovered a new zero-day vulnerability that affects all versions of Microsoft Word. According to the company, the new zero-day exploit works on all Microsoft Office versions, including the latest Office 2016 running on Windows 10. For those unaware, a zero-day vulnerability or zero-day attack is a threat that can take advantage of a previously unknown susceptibility in an app or Web service that has not been addressed or patched by developers.

McAfee in its research report detailed it discovered the exploit in action in late January. The samples collected by the team saw the exploit organised as Word files (more specially, RTF files with ".doc" extension name).

"The exploit connects to a remote server (controlled by the attacker), downloads a file that contains HTML application content, and executes it as an .hta file. Because .hta is executable, the attacker gains full code execution on the victim's machine. Thus, this is a logical bug, and gives the attackers the power to bypass any memory-based mitigation developed by Microsoft," explains the McAfee team. The .hta content is said to be disguised as a normal RTF file to evade security products.

"The successful exploit closes the bait Word document, and pops up a fake one to show the victim. In the background, the malware has already been stealthily installed on the victim's system," adds the team.

McAfee team has suggested some mitigation against the new zero-day attack before Microsoft issues an official patch including enabling the Office Protected View as the new exploit cannot bypass the Office Protected View, and do not open any Office files obtained from untrusted locations.

"We notified the Microsoft Security Response Center as soon as we found the suspicious samples, and we will continue to work with them to protect Office users," the team wrote in a blog post.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: McAfee, Zero Day Vulnerability, Microsoft, Microsoft Word, Microsoft Office, Internet, Apps

Ketan Pratap

Email Ketan

Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More